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REMARKS 

Claims 1-2, 8-9, 15 and 22-23 have been amended. Claims 16-21 have been 
cancelled, without prejudice. Claims 24-29 have been added. Claims 1-15 and 22 - 29 are 
under examination. 

REJECTIONS BASED ON THE PRIOR ART 
35 U.S.C 103(a) 

Claims 1, 6-8, 13-15, and 20-23 are rejected under 35 U.S.C 103(a) as being 
unpatentable over Skene et al, hereinafter "Skene" (U.S. Patent Application Publication 
2001/0052016 in view of Ye, (U.S. Patent No. 6,772,348), in further view of Coss et al, 
hereinafter "Coss", (U.S. Patent Number 6,170,012). The cancellation of Claims 20 and 21 
renders the rejection to those claims moot. The rejection to Claims 1, 6-8, 13-15, and 22-23 is 
respectfully traversed for the following reasons. 

Currently Amended Claim 1 recites: 

A computer system providing Internet protocol security without secure domain name 
resolution, the system comprising: 

a local domain name service (DNS) server that is communicatively coupled to a 

processor and that includes a secure Internet security protocol (IPSEC) cache, 
wherein the secure IPSEC cache is readable only by an Internet protocol (IP) 
processing layer of an operating system that controls execution of an 
application program by the processor, and wherein each cache entry 
comprises information that uniquely associates the cache entry with a 
particular application process or execution time: 

a security policy data store that is communicatively coupled to the IP processing 
layer; 
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a computer-readable medium accessible to the processor and comprising one or more 
sequences of instructions which, when executed by the processor, cause the 
processor to carry out the steps of: 

receiving a message generated as a result of execution of the application 

program and that contains a domain name; 
receiving a data packet from the application; 

in response to receiving the data packet from the application, searching the 
secure IPSEC cache for an entry that matches the domain name, 
wherein the searching comprises using the information that uniquely 
associates the cache entry with a particular application process or 
execution time to verify that the domain name in the entry matches the 
domain name contained in the message; 

querying the security policy data store for an IPSEC policy matching the 

domain name, wherein the IP processing layers verifies that the policy 
matches the domain name contained in the message; 

in response to obtaining an IPSEC policy, applying the IPSEC policy to the 
data packet; and 

purging the matching entry from the cache. 

The prior art fails to teach or suggest the above underscored limitations. In the 
rejection to Claim 2, the Office Action asserts the Skene at Col. 6, lines 51-60 teaches a 
cache entry with information that uniquely associates the cache entry with a particular 
application process or execution time. Applicants respectfully disagree. Applicants presume 
that the Office Action meant to allege that Dixon at Col. 6, lines 51-60 teaches these 
limitations, in that Dixon was used by the Office Action as allegedly teaching limitations in 
Claim 2 that Skene does not teach. 

Dixon does not teach or suggest information in a cache entry that uniquely associates 
the cache entry with a particular application process or execution time at Col. 6, lines 51-60 
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or elsewhere. Dixon discusses updating certain information in a "Policy State Information 
Block" However, none of this information, "uniquely associates the cache entry with a 
particular application process or execution time," as claimed. 

Moreover, Claim 1 recites "searching comprises using the information that uniquely 
associates the cache entry with a particular application process or execution time to verify 
that the domain name in the entry matches the domain name contained in the message." 
Dixon does not teach that any of the information in the Policy State Information Block is 
used as claimed to "verify that the domain name in the entry matches the domain name 
contained in the message." 

Skene, Ye, and Coss fail to remedy this deficiency in Dixon. Therefore, Claim 1 is 
allowable. 

For the foregoing reasons, Claim 1 is allowable. Independent Claims 8, 15 and 22-23 
recite similar limitations to those in Claim 1. For at least the reasons discussed in the 
response to Claim 1, Claims 8, 15, and 22-23 are believed to be allowable. 

Claims 6-8 depend from Independent Claim 1, incorporating limitations therefrom. 
As explained above, Claim 1 includes limitations that define patentable subject matter. 
Claims 13-14 depend from Independent Claim 8, incorporating limitations therefrom. 
Therefore, these dependant Claims 6-8 and 13-14 recite patentable subject matter for at least 
the same reasons their respective independent claims recite patentable subject matter. 

Claims 2-5,9-12, and 16-19 
Claims 2-5, 9-12, and 16-19 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Skene in view of Ye and further in view of Coss, as applied to claim 1 
above, and further in view of Dixon et al., hereinafter "Dixon", (U.S. Patent Number 
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6,697,857). The rejection to Claims 9-12 is moot in view of the cancellation of those claims. 
The rejection to Claims 2-5 and 16-19 is traversed for the following reasons. 

For reasons already discussed, Claim 1 is patentable over the combination of Skene, 
Ye, Coss, and Dixon. Therefore, Claims 2-5, which depend from Claim 1 are allowable. 
Claims 16-19 are allowable based on their dependence from Claim 15. 

NEW CLAIMS 

Claims 24 - 29 have been added. Claims 24 - 29 are allowable, at least, because they 
depend from Claim 22, which is believed to be allowable. 

CONCLUSION 

The Applicant believes that all issues raised in the Final Office Action have been 
addressed and that allowance of the pending claims is appropriate. 

The Examiner is respectfully requested to contact the undersigned by telephone if it is 
believed that such contact would further the examination of the present application. 

For the reasons set forth above, it is respectfully submitted that all of the pending 
claims are now in condition for allowance. Therefore, the issuance of a formal Notice of 
Allowance is believed next in order, and that action is most earnestly solicited. 

To the extent necessary to make this reply timely filed, the Applicant petitions for an 
extension of time under 37 C.F.R. § 1.136. 
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If any applicable fee is missing or insufficient, throughout the pendency of this 
application, the Commissioner is hereby authorized to any applicable fees and to credit any 
overpayments to our Deposit Account No. 50-1302. 

Respectfully submitted, 

HICKMAN PALERMO TRUONG & BECKER LLP 



Date: August 



1L 



2006 




Ronald M. Pomerenke 
Reg. No. 43,009 



2055 Gateway Place, #550 

San Jose, CA 95110 

Telephone: (408) 414-1080, ext. 210 

Facsimile: (408)414-1076 



CERTIFICATE OF MAILING 

I hereby certify that this correspondence is being deposited with the United States Postal 
Service as first class mail in an envelope addressed to: Mail Stop RCE Commissioner for 
Patents, P.O. Box 1450, Alexandria, VA 22313-1450. 



on August 31. 2006 




Martina Placid 
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